With Windows XP, antipiracy measures were a bit of an afterthought. But with Windows Vista, Microsoft had pirates in its sights from the get-go.

Even the unique Vista retail packaging--a plastic box with one round corner--was designed, in part, to thwart counterfeiters. And the packaging is just the start; most of Microsoft's antipiracy work is built-into the software itself, meaning that just copying the code and getting a product key isn't enough.

"It's a different game for the counterfeiters," Cori Hartje, director of Microsoft's Genuine Software Initiative, said in an interview. "They're having to resort to this full attack on the product."

One such exploit was dubbed "Frankenbuild" because it merged bits of the beta versions of Windows Vista with the final product in an effort to defeat the validation checks built into the software. But, thanks to technology built into Vista, Microsoft was able to update its defenses and start flagging such systems--even those that initially passed activation--as illegitimate.

The antipiracy effort has been building slowly inside Microsoft. Microsoft began quietly testing a Windows Genuine Advantage program in 2004 with an optional check that offered no benefits for taking part, nor penalties for machines that didn't pass. The company quickly expanded the program, adding some incentives for those machines that were verified. The company later made the checks mandatory to download most Windows updates and add-ons.

Microsoft has seen reducing piracy rates as a way to boost its sales, particularly given that the fastest PC sales growth is coming in emerging markets where piracy rates tend to be higher.

"It's a different game for the counterfeiters. They're having to resort to this full attack on the product."

--Cori Hartje, director of Microsoft's Genuine Software Initiative

With Vista, checking for pirates was always part of the plan. Technology built into Vista allows Microsoft to periodically evaluate the OS to make sure it is legitimate, rather than just having one opportunity, when the product key is first entered at activation.

That's important if Microsoft learns, say, that a once-valid product key has been compromised. Microsoft also used the validation mechanism after Frankenbuild was discovered, forcing machines to go through validation, which the Frankenbuild systems failed because the software was not an intact copy of the OS.

There are a number of features, including the new Aero user interface, that require genuine validation. As part of Vista, machines that fail validation go into reduced functionality mode if not remedied within 30 days, meaning such systems can be used only to browse the Internet for an hour at a time.

Microsoft has also tightened the rules on volume licenses, largely eliminating the ability for businesses, even those with bulk purchase deals, to use one product key across an unlimited number of machines. Microsoft has two options with Vista. Companies can either use their own PC or server as a sort of hall monitor to make sure which Vista systems are out there, or they can get a multiple-use key from Microsoft, though such keys have a set number of activations. Businesses can also use a combination of the two approaches.

It's a little early to tell how all of the efforts are working, but Hartje said there are some reasons for optimism.

"We see indications from our channel that they are concerned they get genuine product," Hartje said. "We're optimistic the technology changes are going to make a difference. The fact we haven't seen any high-quality counterfeits is a good sign."

While engineering is a big part of Microsoft's efforts, the company is also doing other things. One recent move was to change the way copies of Windows are produced. Rather than just license replicators to build as much of the software as they might need, such disc makers are now required to pay a part of the cost of the software when the discs are first burned, discouraging large stockpiles of authentic discs from building up in warehouses.